New Vulnerability hits Intel processors - Lazy FP State Restore

Another week, another Intel exploit.

 

It's funny for us , but just imagine the *** the big server farms are going thru week after week that every time they think the patching is over- here we start again...
EPYC becoming more and more attractive for them for next upgrade lol.

 

Not a single platform is fully secure from issues such as those. With enough time, research and testing you can find loopholes practically everywhere.

Simply this is a new public trend to follow this information, hence all of those research agencies which attempt to find a loophole, cash in on it and get some easy publicity.

 

Also is unclear if this problem affects AMD too.
If lazy fpu restore was good and not proprietary tech ( but a part of x86 and x64 patent ) amd has it too probably?

 

Man this snowball keeps rolling and rolling... these discoveries probably did more harm than good.

 

From what I've read, AMD is not affected.

http://seclists.org/oss-sec/2018/q2/189

The good news is that it can be easily addressed via an OS update. Doesn't look like it will be much of an issue and performance impact will be negligible, if any (the impact will mostly on Intel's reputation).

 

Let's hope so. AMD could use the money to do some R&D.

 

Jesus Somebody really has something against Intel huh? This is not good for them at all! Cant be on top 4 ever tough.

 

Idk what to think about intel anymore, so far it looks like Intel is one Big pile of...

Even worse then this swiss cheese xD


https://s6.**********/lt2cqvf3l/2018-06-14_14.26.07.png

 

Honestly, I'm still surprised we all didn't get hacked all the years back, you can't tell me nobody tried to exploit such a feature. I'm more thinking I need my tin foil hat again, because so many "different" security issues, flaws and exploits can't be not recognised for a decade in PC business. Somebody has to have known about it, and probably exploited it all the time.

 

These constant security flaws could be the best thing that happened to AMD ever.

 

even if already used all the time, until now there no "big-news" whatsoever regarding the exploit that done real-damage to people
for me personally, as long my sensitive-data not used for bad-things that can give me any loss, then no problem whatsoever

like our bank/personal data, say goverment been using the exploit to get all those information, but again for civil people, other than for verification purpose most of time, i dont think they do anything else

not like cyber-thef that use those sensitive data to get money, if this the case indeed everyone should panic.

but i mean its similar to ISP, ur isp might monitoring your usage, but they dont do anything whatsoever right? even say u are downloading tons on piracy-stuff etc.

beside now let say intel fix whole current vulnerability mess, that doesnt mean the CPU will vulnerability-free anyway.... there will always vulnerability, it just matter time before it get exposed

 

Another speculative execution vulnerability, what a surprise.. I dont know how intel is going to fix all these since it can be exploided as long speculative execution is working. They should just nuke whole speculative feature and fix it at hardware level.

 

And the best thing is that intel got 99% of the market so AMD can watch from the side and learn and improve the product/make patches if needed before launch and offer Secure 7nm EPYC for customers .

 

Hm. XSAVEOPT was introduced with Sandy Bridge. So does that mean the vulnerability affects only CPUs older than SB?

 

yep, everyone wants there day in the news. majority of public is never gone keep up with let alone patches this stuff I still have yet to do the bios patches for original issue. it will be cold day in hell before i play this update my bios every 3 weeks people need to learn to keep there mouths zipped about this stuff. and lets this stuff be slightly fixed in hw instead cause panic in the public.

 

Like others have said, Intel really need to fix all these speculative side channel vulnerabilities in hardware - to improve security & also their reputation, but I do wonder how much performance they will have to sacrifice in their next hardware-fixed chips to make that happen. We may never know the answer to that though, because there'd be no basis for comparison when it comes to said new chips. I'm fed up with hearing about it - sure I'm gonna keep reading the news on it, but I am fed up with it, thinking do I need to patch this or do I need to patch that, what's the performance hit gonna be, etc. At the moment I use Spectre-fixed microcode on my Skylake desktop, then use InSpectre program to flip protection on or off depending on what I'm doing - gaming I switch it off, everything else I leave the protection on - just requires a reboot to make the switch. I'd rather not bother messing about with it, bring on the hardware fixes!

 

That, and cryptocurrency miners.